﻿#region Using Directives

    using System;
    using System.Security.Cryptography;
    using System.Text;

    using Csla;

    using MarketPulse.BusinessLogic.Core.System;

#endregion

namespace MarketPulse.BusinessLogic.Core.Security
{
    /// <summary>
    /// Class used to security related tasks such as, authentication, password changes, token encoding etc... 
    /// </summary>
    public static class MarketPulseSecurity
    {

        #region Methods

            #region Login/Logout Methods

                /// <summary>
                /// Method used to perform an authentication check for a user
                /// </summary>
                /// <param name="userName">The username to use</param>
                /// <param name="password">The password</param>
                /// <param name="ip">The ip address of the machine being used</param>   
                /// <param name="profileType">The type of profile to use as part of the login attempt</param>
                /// <returns>A valid (read only) ApplicationProfile object or null</returns>                 
                public static ApplicationProfile Login(string userName, string password, string ip, Guid profileType)
                {
                    // Encode the password before attempring login
                    password = StringToMD5(password);

                    // Attempt authentication
                    return MarketPulsePrincipal.Login(userName, password, profileType);
                }

                /// <summary>
                /// Method used to perform an authentication check for a user based on a private key.
                /// </summary>
                /// <param name="userGUID">The UserGUID of the user to attempt authentication with.</param>
                /// <param name="ip">The ip address of the machine being used</param>   
                /// <param name="profileType">The type of profile to use as part of the login attempt</param>
                /// <param name="privateKey">The private key to use to authenticate this user.</param>
                /// <returns>A valid (read only) ApplicationProfile object or null</returns>                 
                public static ApplicationProfile Login(Guid userGUID, string privateKey, string ip, Guid profileType)
                {
                    // Attempt authentication
                    return MarketPulsePrincipal.Login(userGUID, privateKey, profileType);
                }

                /// <summary>
                /// Logout.
                /// </summary>
                public static void Logout()
                {
                    // Invalidate Authentication
                    MarketPulsePrincipal.Logout();
                }

            #endregion

            #region Encoding Methods

                /// <summary>
                /// Methos used to MD5 encode a string (One way encoding)
                /// </summary>
                /// <param name="inputString">string to be encoded to MD5</param>
                /// <returns>An MD5 encoded string</returns>
                public static string StringToMD5(string inputString)
                {
                    // Create a new instance of the MD5CryptoServiceProvider object
                    MD5 md5Hasher = MD5.Create();

                    // Convert the input string to a byte array and compute the hash.
                    byte[] byteArray = md5Hasher.ComputeHash(Encoding.Default.GetBytes(inputString));

                    // Create a new stringbuilder to collect the bytes and create a string
                    StringBuilder stringBuilder = new StringBuilder();

                    // Loop through each byte of the hashed data and format each one as a hexadecimal string
                    for (int i = 0; i < byteArray.Length; i++)
                    {
                        stringBuilder.Append(byteArray[i].ToString("x2"));
                    }

                    // Return the hexadecimal string
                    return stringBuilder.ToString();
                }

                /// <summary>
                /// Generates a new SHA1 hash using the text and salt provided.
                /// </summary>
                /// <param name="text">The text to generate a hash for.</param>
                /// <param name="salt">The salt to season the hash with.</param>
                /// <returns>A SHA1 hashed hex string.</returns>
                public static string StringToSHA1(string text, string salt)
                {
                    using (var sha1 = new HMACSHA1(Encoding.UTF8.GetBytes(salt)))
                    {
                        var hashData = sha1.ComputeHash(Encoding.UTF8.GetBytes(text));
                        return BitConverter.ToString(hashData).Replace("-", "");
                    }
                }

            #endregion

        #endregion

    }
}